package com.cjlgb.design.common.security.handler;

import com.cjlgb.design.common.core.constant.InnerApps;
import com.cjlgb.design.common.security.annotation.Inner;
import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.util.StringUtils;

import javax.servlet.http.HttpServletRequest;

/**
 * @author WFT
 * @date 2019/7/29
 * description: 内部请求Aop处理程序
 */
@Slf4j
@Aspect
@RequiredArgsConstructor
public class InnerRequestAspectHandler {

    private final HttpServletRequest request;

    @SneakyThrows
    @Around("@annotation(inner)")
    public Object around(ProceedingJoinPoint point, Inner inner){
        if (inner.value().length == 1 && "".equals(inner.value()[0])){
            return point.proceed();
        }
        //  获取授权应用的名称
        String appName = this.request.getHeader(InnerApps.INNER_APP);
        if (StringUtils.hasText(appName)){
            for (String item : inner.value()) {
                //  判断应用是否被授权
                if (appName.equalsIgnoreCase(item)){
                    return point.proceed();
                }
            }
        }
        throw new AccessDeniedException("Access is denied");
    }



}
